Newer
Older
<?php
namespace JsonApi\Routes\Courseware;
use Courseware\Block;
use Courseware\BlockComment;
use Courseware\BlockFeedback;
use Courseware\Container;
use Courseware\Instance;
use Courseware\StructuralElement;
use Courseware\StructuralElementComment;
use Courseware\StructuralElementFeedback;
use Courseware\Task;
use Courseware\TaskFeedback;
use Courseware\TaskGroup;
use Courseware\Template;
use Courseware\UserDataField;
use Courseware\UserProgress;
use Courseware\PublicLink;
use User;
/**
* @SuppressWarnings(PHPMD.ExcessiveClassComplexity)
* @SuppressWarnings(PHPMD.TooManyMethods)
* @SuppressWarnings(PHPMD.TooManyPublicMethods)
*/
class Authority
{
public static function canShowCoursewareInstance(User $user, Instance $resource)
{
return self::canShowStructuralElement($user, $resource->getRoot());
}
public static function canUpdateCoursewareInstance(User $user, Instance $resource)
{
return self::canUpdateStructuralElement($user, $resource->getRoot());
}
/**
* @SuppressWarnings(PHPMD.Superglobals)
*/
public static function canShowBlock(User $user, Block $resource)
{
$struct = $resource->container->structural_element;
return $struct->canRead($user);
}
public static function canIndexBlocks(User $user, Container $resource)
{
return self::canShowContainer($user, $resource);
}
public static function canCreateBlocks(User $user, Container $resource)
{
return self::canUpdateContainer($user, $resource);
}
public static function canUpdateBlock(User $user, Block $resource)
{
if ($resource->isBlocked()) {
$resource->container->structural_element->course->config->COURSEWARE_EDITING_PERMISSION,
$resource->container->structural_element->course->id,
return $resource->getBlockerUserId() == $user->id || $perm;
return self::canUpdateContainer($user, $resource->container);
}
public static function canDeleteBlock(User $user, Block $resource)
{
return self::canUpdateBlock($user, $resource);
}
public static function canUpdateEditBlocker(User $user, $resource)
$structural_element = null;
if ($resource instanceof Block) {
$structural_element = $resource->container->structural_element;
}
if ($resource instanceof Container) {
$structural_element = $resource->structural_element;
}
if ($resource instanceof StructuralElement) {
$structural_element = $resource;
}
if ($structural_element === null) {
return false;
}
$perm = $GLOBALS['perm']->have_studip_perm(
$structural_element->course->config->COURSEWARE_EDITING_PERMISSION,
$structural_element->course->id,
$user->id
);
return $resource->edit_blocker_id == '' || $resource->edit_blocker_id === $user->id || $perm;
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
}
public static function canShowContainer(User $user, Container $resource)
{
return self::canShowStructuralElement($user, $resource->getStructuralElement());
}
public static function canIndexContainers(User $user, StructuralElement $resource)
{
return self::canShowStructuralElement($user, $resource);
}
public static function canCreateContainer(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canUpdateContainer(User $user, Container $resource)
{
return self::canUpdateStructuralElement($user, $resource->getStructuralElement());
}
public static function canDeleteContainer(User $user, Container $resource)
{
return self::canUpdateStructuralElement($user, $resource->getStructuralElement());
}
public static function canReorderBlocks(User $user, Container $resource)
{
return self::canUpdateContainer($user, $resource);
}
public static function canReorderContainers(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canShowStructuralElement(User $user, StructuralElement $resource)
{
return $resource->canRead($user);
}
public static function canUpdateStructuralElement(User $user, StructuralElement $resource)
{
return $resource->canEdit($user);
}
public static function canCreateStructuralElement(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canDeleteStructuralElement(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canIndexBookmarks(User $user, Instance $resource)
{
return self::canShowCoursewareInstance($user, $resource);
}
public static function canUpdateBookmarks(User $user, Instance $resource)
{
return self::canShowCoursewareInstance($user, $resource);
}
public static function canAddBookmarkToAUser(User $actor, User $user)
{
return $actor->id === $user->id;
}
public static function canModifyBookmarksOfAUser(User $actor, User $user)
{
return $actor->id === $user->id;
}
public static function canIndexBookmarksOfAUser(User $actor, User $user)
{
return $actor->id === $user->id;
}
/**
* @SuppressWarnings(PHPMD.Superglobals)
*/
public static function canIndexStructuralElements(User $user)
{
return $GLOBALS['perm']->have_perm('root', $user->id);
}
public static function canReorderStructuralElements(User $user, $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canShowUserDataField(User $user, UserDataField $resource)
{
return $user->id === $resource->user_id;
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
}
public static function canUpdateUserDataField(User $user, UserDataField $resource)
{
return $user->id == $resource->user_id;
}
public static function canShowUserProgress(User $user, UserProgress $resource)
{
return $user->id == $resource->user_id;
}
public static function canUpdateUserProgress(User $user, UserProgress $resource)
{
return $user->id == $resource->user_id;
}
public static function canIndexBlockComments(User $user, Block $resource)
{
return self::canShowBlock($user, $resource);
}
public static function canShowBlockComment(User $user, BlockComment $resource)
{
return self::canShowBlock($user, $resource);
}
public static function canCreateBlockComment(User $user, Block $resource)
{
return self::canShowBlock($user, $resource);
}
public static function canUpdateBlockComment(User $user, BlockComment $resource)
{
$perm = $GLOBALS['perm']->have_studip_perm(
$resource->block->container->structural_element->course->config->COURSEWARE_EDITING_PERMISSION,
$resource->block->container->structural_element->course->id,
$user->id
);
return $user->id === $resource->user_id || $perm;
}
public static function canDeleteBlockComment(User $user, BlockComment $resource)
{
return self::canUpdateBlockComment($user, $resource);
}
public static function canIndexBlockFeedback(User $user, Block $resource)
{
return self::canUpdateStructuralElement($user, $resource->container->structural_element);
}
public static function canCreateBlockFeedback(User $user, Block $resource)
{
return self::canShowBlock($user, $resource);
}
public static function canShowBlockFeedback(User $user, BlockFeedback $resource)
{
return $resource->user_id === $user->id || self::canUpdateBlock($user, $resource->block);
public static function canUpdateBlockFeedback(User $user, BlockFeedback $resource)
{
return self::canShowBlockFeedback($user, $resource);
}
public static function canDeleteBlockFeedback(User $user, BlockFeedback $resource)
{
return self::canUpdateBlockFeedback($user, $resource);
}
public static function canUploadStructuralElementsImage(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canDeleteStructuralElementsImage(User $user, StructuralElement $resource)
{
return self::canUploadStructuralElementsImage($user, $resource);
}
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
public static function canShowTaskGroup(User $user, TaskGroup $resource): bool
{
return $resource['lecturer_id'] === $user->id;
}
public static function canShowTask(User $user, Task $resource): bool
{
return self::canUpdateTask($user, $resource);
}
public static function canIndexTasks(User $user): bool
{
// TODO: filtered index permissions are handled in the route
return $GLOBALS['perm']->have_perm('root', $user->id);
}
public static function canCreateTasks(User $user, StructuralElement $resource): bool
{
return $resource->hasEditingPermission($user);
}
public static function canUpdateTask(User $user, Task $resource): bool
{
return $resource->canUpdate($user);
}
public static function canDeleteTask(User $user, Task $resource): bool
{
return self::canCreateTasks($user, $resource->structural_element);
}
public static function canCreateTaskFeedback(User $user, Task $resource): bool
{
return self::canCreateTasks($user, $resource->structural_element);
}
public static function canShowTaskFeedback(User $user, Task $resource): bool
{
return self::canShowTask($user, $resource);
}
public static function canUpdateTaskFeedback(User $user, Task $resource): bool
{
return self::canCreateTaskFeedback($user, $resource);
}
public static function canDeleteTaskFeedback(User $user, Task $resource): bool
{
return self::canCreateTaskFeedback($user, $resource);
}
public static function canIndexStructuralElementComments(User $user, StructuralElement $resource)
{
return self::canShowStructuralElement($user, $resource);
}
public static function canShowStructuralElementComment(User $user, StructuralElementComment $resource)
{
return self::canShowStructuralElement($user, $resource->structural_element);
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
}
public static function canCreateStructuralElementComment(User $user, StructuralElement $resource)
{
return self::canShowStructuralElement($user, $resource);
}
public static function canUpdateStructuralElementComment(User $user, StructuralElementComment $resource)
{
if ($GLOBALS['perm']->have_perm('root')) {
return true;
}
$perm = $GLOBALS['perm']->have_studip_perm(
$resource->structural_element->course->config->COURSEWARE_EDITING_PERMISSION,
$resource->structural_element->course->id,
$user->id
);
return $user->id == $resource->user_id || $perm;
}
public static function canDeleteStructuralElementComment(User $user, StructuralElementComment $resource)
{
return self::canUpdateStructuralElementComment($user, $resource);
}
public static function canIndexStructuralElementFeedback(User $user, StructuralElement $resource)
{
return self::canUpdateStructuralElement($user, $resource);
}
public static function canCreateStructuralElementFeedback(User $user, StructuralElement $resource)
{
if ($GLOBALS['perm']->have_perm('root')) {
return true;
}
$perm = $GLOBALS['perm']->have_studip_perm(
$resource->course->config->COURSEWARE_EDITING_PERMISSION,
$resource->course->id,
$user->id
);
return $perm;
}
public static function canUpdateStructuralElementFeedback(User $user, StructuralElementComment $resource)
{
return self::canCreateStructuralElementFeedback($user, $resource->structural_element);
}
public static function canShowStructuralElementFeedback(User $user, StructuralElementFeedback $resource)
{
return $resource->user_id === $user->id || self::canUpdateStructuralElement($user, $resource->structural_element);
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
}
public static function canDeleteStructuralElementFeedback(User $user, StructuralElementComment $resource)
{
return self::canUpdateStructuralElementFeedback($user, $resource);
}
public static function canShowTemplate(User $user, Template $resource)
{
// templates are for everybody, aren't they?
return true;
}
public static function canIndexTemplates(User $user)
{
// templates are for everybody, aren't they?
return true;
}
public static function canCreateTemplate(User $user)
{
return $GLOBALS['perm']->have_perm('admin');
}
public static function canUpdateTemplate(User $user, Template $resource)
{
return self::canCreateTemplate($user);
}
public static function canDeleteTemplate(User $user, Template $resource)
{
return self::canCreateTemplate($user);
}
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
public static function canIndexPublicLinks(User $user): bool
{
return self::canCreatePublicLink($user);
}
public static function canShowPublicLink(User $user, PublicLink $resource): bool
{
return self::canUpdatePublicLink($user, $resource);
}
public static function canCreatePublicLink(User $user): bool
{
return true;
}
public static function canUpdatePublicLink(User $user, PublicLink $resource): bool
{
return $resource->user_id === $user->id;
}
public static function canDeletePublicLink(User $user, PublicLink $resource): bool
{
return self::canUpdatePublicLink($user, $resource);
}
public static function canShowPublicStructuralElement(StructuralElement $resource): bool
{
$publicLink = PublicLink::findOneBySQL('structural_element_id = ?', [$resource->id]);
return (bool) $publicLink;
}